With more and more people moving their businesses online, cyber security is very important.

Although it’s impossible to protect against every eventuality, here are a few safeguards that can be implemented.

ALWAYS

  • Review beneficiary details of payment before you approve transactions, especially those with new or changed information
  • Check account activity on a regular basis for any suspicious transactions
  • Set up customized automatic accounts alerts to know when certain activities take place
  • Set payment limits at account and employee levels based on payment trends and history
  • Verify whom you’re communicating with and know what information can be shared
  • Stop any online session that makes you uncomfortable
  • Avoid email usage for confidential or sensitive information
  • Create and update strong passwords (We recommend LastPass for this!)
  • Log off inactive devices and lock your workstation when you’re away
  • Minimize personal web-surfing on your business devices
  • Use protected Wi-Fi networks that you trust
  • Make sure your systems are protected by current and effective anti-virus software

NEVER

  • Respond to payment instructions received by email or phone without first validating the instructions by telephone or in person
  • Open an email, click a link in an email or open an email attachment without first validating the source
  • Share confidential information, including log-in credentials and account numbers
  • Respond to pop-ups or unsolicited phone calls asking you to re-submit your log-in information or that of another user
  • Allow co-workers to log-in to your machine or use your log-in credentials
  • Send work information to personal email accounts
  • Enter personal information in an email or text message
  • Describe your job on personal social media accounts

CYBER SECURITY & CYBER FRAUD: TIPS TO HELP PROTECT YOUR ASSETS

Small businesses can reduce the risk of losses due to cyber fraud by understanding the three most common methods cyber criminals use:

SOCIAL ENGINEERING

Interactions with a cybercriminal such as a phone call, email or conversation that trick a user into sharing sensitive information.

PHISHING

A cybercriminal contacts a user by email or phone and obtains the user’s security credentials, permitting the cybercriminal to act on behalf of the user.